$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153796.roa File: AS153796.roa (raw, json) Hash identifier: bPzR7ibOp51vTyu30BHiGka16ZukKr6oq1Ea2In9vZI= Subject key identifier: 09:76:0E:86:72:90:D0:04:7F:96:53:C1:A8:AC:91:DF:A4:63:74:13 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 72C98D96F80C12C5CC32D4FE6FB0CC62E44328CB Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153796.roa Signing time: Wed 01 Apr 2026 05:00:00 +0000 ROA not before: Wed 01 Apr 2026 04:55:00 +0000 ROA not after: Wed 31 Mar 2027 05:00:00 +0000 asID: 153796 IP address blocks: 161.248.240.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 20:12:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:c9:8d:96:f8:0c:12:c5:cc:32:d4:fe:6f:b0:cc:62:e4:43:28:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Apr 1 04:55:00 2026 GMT Not After : Mar 31 05:00:00 2027 GMT Subject: CN=09760E867290D0047F9653C1A8AC91DFA4637413 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:29:aa:43:88:2e:6c:26:8f:94:5a:c5:03:99: a0:f9:ff:aa:01:90:cf:e4:2a:b4:f2:c5:3d:7f:36: 26:fe:36:1f:f6:5c:2d:92:51:0c:56:be:b8:97:a7: a7:16:5c:ab:b5:9a:c5:bd:13:79:ef:6c:4f:cd:2e: f5:86:59:a0:ef:0c:5a:59:7b:22:48:84:f9:c7:1f: 10:49:ac:4a:9b:a9:bd:ba:85:ba:e2:42:85:f4:79: 32:34:05:b0:5f:24:4c:05:03:66:ff:c9:21:57:d5: 4b:e8:82:f2:df:6a:0b:92:cd:97:1a:bb:75:aa:75: 0b:8c:63:31:f5:f4:50:60:20:96:5c:ce:00:03:4d: 52:d0:f6:75:a3:97:57:d6:b6:7d:50:b9:45:62:a7: 85:b1:1d:fd:72:68:d5:0b:7c:fc:26:d1:04:ef:c3: 2f:ef:39:67:77:09:cb:6d:2a:a6:54:fb:3b:66:b0: ca:ee:66:0b:ac:ba:7a:0f:cd:49:12:e8:c5:1b:8e: 0c:b6:5b:c5:bb:75:7a:36:b1:ff:30:95:55:ea:45: e4:7c:9b:9b:20:cf:86:35:d4:a7:fa:a8:37:4a:5a: 1b:06:b3:54:1e:87:91:44:70:61:b2:df:29:d9:7d: 77:75:82:46:41:ab:bf:27:77:be:9a:fe:d7:c7:51: 9c:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:76:0E:86:72:90:D0:04:7F:96:53:C1:A8:AC:91:DF:A4:63:74:13 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153796.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 161.248.240.0/24 Signature Algorithm: sha256WithRSAEncryption 90:a6:2a:64:34:fe:ea:96:7a:3e:fa:68:32:ab:88:ba:40:d9: ee:15:6f:0d:37:30:be:f4:a7:37:01:a9:17:91:27:10:36:9a: 7e:ea:28:5c:9a:9b:28:f3:15:1e:48:75:7d:55:23:84:1b:94: 03:0f:1c:28:87:f9:eb:7b:91:06:56:72:70:2f:f5:4d:4f:d9: 0b:94:58:11:6a:3a:3c:20:81:ca:c1:9d:91:07:12:8e:d6:65: de:82:7e:87:a6:96:54:07:70:a0:ba:b0:d7:e4:e5:a2:9c:f3: fd:15:96:86:e9:7c:f1:06:30:3c:0a:c2:fb:29:08:23:3f:ba: 14:c8:53:68:5b:28:69:5e:d5:fc:11:07:d1:ff:8c:d3:91:14: d4:1d:f4:34:be:63:25:60:83:f5:b7:51:4d:d7:02:52:60:e5: 15:ce:fa:d8:86:34:f0:5f:05:97:e7:bf:a5:cf:9f:7b:d7:b5: 10:f3:01:02:10:0c:98:90:a7:26:57:a9:7a:3d:a7:f3:4d:f8: af:97:03:9e:a2:fd:97:4b:a3:52:e8:a5:1e:06:6f:a4:a1:72: bd:0a:fc:b0:a1:e7:7b:e6:3e:cc:ea:75:6a:66:e9:74:df:da: 9c:b0:2e:7b:14:2a:31:fd:2c:31:87:f9:af:8c:8e:a9:3a:9f: 7f:7f:d5:15 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUcsmNlvgMEsXMMtT+b7DMYuRDKMswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDQwMTA0NTUwMFoX DTI3MDMzMTA1MDAwMFowMzExMC8GA1UEAxMoMDk3NjBFODY3MjkwRDAwNDdGOTY1 M0MxQThBQzkxREZBNDYzNzQxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALgpqkOILmwmj5RaxQOZoPn/qgGQz+QqtPLFPX82Jv42H/ZcLZJRDFa+uJen pxZcq7Waxb0Tee9sT80u9YZZoO8MWll7IkiE+ccfEEmsSpupvbqFuuJChfR5MjQF sF8kTAUDZv/JIVfVS+iC8t9qC5LNlxq7dap1C4xjMfX0UGAgllzOAANNUtD2daOX V9a2fVC5RWKnhbEd/XJo1Qt8/CbRBO/DL+85Z3cJy20qplT7O2awyu5mC6y6eg/N SRLoxRuODLZbxbt1ejax/zCVVepF5HybmyDPhjXUp/qoN0paGwazVB6HkURwYbLf Kdl9d3WCRkGrvyd3vpr+18dRnJcCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQJdg6G cpDQBH+WU8GorJHfpGN0EzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1Mzc5Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKH48DANBgkqhkiG9w0BAQsFAAOCAQEAkKYqZDT+6pZ6PvpoMquI ukDZ7hVvDTcwvvSnNwGpF5EnEDaafuooXJqbKPMVHkh1fVUjhBuUAw8cKIf563uR BlZycC/1TU/ZC5RYEWo6PCCBysGdkQcSjtZl3oJ+h6aWVAdwoLqw1+Tlopzz/RWW hul88QYwPArC+ykIIz+6FMhTaFsoaV7V/BEH0f+M05EU1B30NL5jJWCD9bdRTdcC UmDlFc762IY08F8Fl+e/pc+fe9e1EPMBAhAMmJCnJlepej2n8034r5cDnqL9l0uj UuilHgZvpKFyvQr8sKHne+Y+zOp1ambpdN/anLAuexQqMf0sMYf5r4yOqTqff3/V FQ== -----END CERTIFICATE-----Generated at Fri Apr 17 16:14:23 2026 by rpki-client